.desktop files, serious security hole, virus-friendliness
dobey at novell.com
Mon Apr 3 20:14:47 EEST 2006
On Mon, 2006-04-03 at 19:03 +0200, Thiago Macieira wrote:
> Benedikt Meurer wrote:
> >I'd propose to optionally include a digital signature for the Exec field
> >(i.e. add an ExecSignature field to the spec) and let the file manager
> >ask the user whether he/she trusts the signee or pop up a warning if no
> >signature is present. Distributions should then ship with a good default
> >set of trusted certificates (i.e. for Gnome, KDE, Xfce, etc.), so users
> >shouldn't see the warning unless they're trying to execute a
> >virus.desktop or a .desktop file whose signee is not yet in the trustdb.
> [I'm not trying to shoot your idea down; I'm just raising some discussion
> How would this work for user-created files? Should the desktop
> automatically sign the files? Should we require each and every user to
> have a GPG key?
Should it be GPG? What about S/MIME? Do we really need a signature and
yet another dialog to pop up and annoy the user? Shouldn't we only pop
up things like this when we /know/ there is an issue?